logo
Vulnerability feed
Contributors
About
Blog
CONTRIBUTE

Vulnerability

warn

CVE-2024-45850

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2024-45850

Description:
An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an ‘INSERT’ query can be used for site column creation. If such a query is specially crafted to contain Python code and is run against the database, the code will be passed to an eval function and executed on the server.
Last updated date:
09/16/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
09/16/2024
Reference url to background

https://hiddenlayer.com/sai-security-advisory/2024-09-mindsdb/

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy